
Authentication logic is fragile #7030

Closed
8 tasks done
kulmann opened this issue May 23, 2022 · 2 comments · Fixed by #7072

kulmann commented May 23, 2022

We currently have multiple issues in the way the web ui handles authentication.

Touchpoints:

  • refactoring: touches too many parts of the code base (vuex, runtime, ...)
  • dependencies: currently used oidc-client lib is unmaintained
  • bug/refactoring: user data loading happens too late (capability, account-info, shares & links ...)
  • bug/refactoring: refresh token handling causes page reload (ocis) / doesn't work at all (oc10)
  • bug/refactoring: session storage holds non-unique key for user data

Tasks:

  • evaluate auth libs (needs OIDC & OAuth support) to find a replacement for oidc-client
    => we decided to use oidc-client-ts as a replacement as it seems to be much more active in development and is in good shape
  • move auth related code into a new authService, state in store should only contain the userinfo and capabilities, not the auth logic
  • replace oidc-client-js with oidc-client-ts
  • split application init into two stages: 1) register app through its manifest, including all routes, 2) (only AFTER auth handling is done) call ready hook of all applications
  • when routes are loaded we know if the session needs to be authenticated or is public => load user if necessary. needs to be blocking. issue: currently the userLoaded event from the oidc-client-(j|t)s lib is only fired once after login, otherwise the event is suppressed. idea 1: implement own storage provider to intercept the event. idea 2: make an upstream contribution to get an event. 3: find out if we can know through other indications if the user is (already) loaded.
  • edge case handling: public links with password need to re-trigger the bootstrap process after the password has been provided
  • remove userReady hook
  • investigate why the token renewal is not working (might even be a bug from the old oidc-client lib)
  • set oidc-client-ts logging level through config
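The two-stage bootstrap and the "is the user already loaded" check from the task list, as an added example that is not part of this issue or of the ownCloud web code base; the store, key format, manifest shape and `loadUser` callback are hypothetical stand-ins for the real oidc-client-ts pieces.

```javascript
// Added example, not ownCloud web code: a minimal two-stage bootstrap in the
// shape the issue proposes. All names here are hypothetical.

// Constructed stand-in for window.sessionStorage (string values only).
const sessionStore = new Map();

// Idea 1: a user store that fires a callback on every write, so the app learns
// a user is loaded even when the OIDC library suppresses its userLoaded event.
class InterceptingUserStore {
  constructor(onUserWritten) { this.onUserWritten = onUserWritten; }
  set(key, value) { sessionStore.set(key, value); this.onUserWritten(JSON.parse(value)); }
  get(key) { return sessionStore.has(key) ? sessionStore.get(key) : null; }
  remove(key) { sessionStore.delete(key); }
}

// Storage key that includes authority and client id, so two setups in the same
// browser never collide on one record.
function userStoreKey(authority, clientId) { return `oidc.user:${authority}:${clientId}`; }

// Idea 3: infer "already loaded" from the stored record itself; expires_at is a
// unix timestamp in seconds. An expired record must count as not loaded.
function isUserLoaded(store, key, nowSeconds) {
  const raw = store.get(key);
  if (raw === null) return false;
  const user = JSON.parse(raw);
  return typeof user.expires_at === 'number' && user.expires_at > nowSeconds;
}

// Stage 1: register every app's routes from its manifest; no ready hooks yet.
function registerRoutes(manifests) {
  return manifests.flatMap(m => m.routes.map(r => ({ ...r, app: m.id })));
}

// Stage 2: resolve the target route, load the user only if the route is not
// public (loadUser is the blocking sign-in/renew step, injected by the caller),
// and only then call the ready hook of every app.
function bootstrap(manifests, targetPath, { store, key, nowSeconds, loadUser }) {
  const route = registerRoutes(manifests).find(r => r.path === targetPath);
  if (!route) throw new Error(`no route registered for ${targetPath}`);
  let user = null;
  if (route.meta.auth !== 'public') {
    if (!isUserLoaded(store, key, nowSeconds)) loadUser(store, key);
    if (!isUserLoaded(store, key, nowSeconds)) throw new Error('user not loaded');
    user = JSON.parse(store.get(key));
  }
  const readyCalled = manifests.filter(m => m.ready).map(m => { m.ready(user); return m.id; });
  return { route, user, readyCalled };
}
```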
@kulmann kulmann added Type:Bug Something isn't working Priority:p1-urgent Consider a hotfix release with only that fix labels May 23, 2022

kulmann commented May 23, 2022

One symptom / massive annoyance of the broken token refresh in ocis: #7008


kulmann commented May 23, 2022

The maintainer of oidc-client recommends https://github.com/authts/oidc-client-ts which makes a good first impression so far
